[lmm]

> those can be guarded against more easily than avoiding phishing email from "your bank".

What risk measure are you using there, and what ease measure? E.g. waiting for 6 blocks for transactions to settle (best practice AIUI) would be a serious inconvenience when e.g. paying at a restaurant.

[EdHominem]

You expect a restaurant customer to perform a double-spend for their dinner bill? One confirmation is enough for, roughly, anything worth less than the block reward. When you sell luxury cars you may want to wait a bit longer.

Mostly, attacks on the protocol itself (instead of your android wallet, etc) require significant mining effort and usually waste it effort by making the block incompatible with the global network (the double spend). When the cost of the item, divided by the number of blocks the merchant waits, is greater than the block reward divided by your likelihood of finding enough consecutive blocks to cheat - it may be worth it to try.

Specifically for food - you're supposed to mention coupons and traveller's cheques at the start of the meal, giving the restaurant time to prepare. The confirmation time (one, or maybe two blocks) could be handled the same way - pay a bit early.

[lmm]

One or two blocks is 10 or 20 minutes, no? That's not going to make you popular. Maybe bitcoin can replace coupons and travellers' cheques, but that's not a very big market compared to cash and cards.

[EdHominem]

You say that like I failed my sales pitch. The restaurant was your example, and I'm not trying to get you to use Bitcoin.

fwiw, I have paid btc in a restaurant and it was seamless because they didn't bother waiting for any confirmations because they had our faces on camera... Fraud is fraud so they weren't worried. Flash the QR, scan the QR, check the numbers, hit okay, done. 20s for me, and maybe another 20s for the merchant.

But yeah, some stores don't take credit, some don't take cash. All depends on their workflow if seconds matter.

[lmm]

> You say that like I failed my sales pitch. The restaurant was your example, and I'm not trying to get you to use Bitcoin.

I object to the claim that it's easier to guard against a hostile bitcoin network than against phishing emails. It may be possible to use bitcoin safely for some use cases, but it's more effort than avoiding phishing emails.

[EdHominem]

If you wait for a single confirmation you're almost 100% safe, and this is a feature that almost every wallet has. They alert when a transaction to an address of yours has been confirmed some number of times. If you aren't selling diamonds or fancy cars, online to anonymous people, the right number of confirmations is one.

For a server, it's just like another card reader with a different UI, it's not some high-tech payment box they need a PhD to operate.

(Spear-)Phishing emails often include your boss's real info, fairly convincing text, proper formatting, etc... They've tricked trained CFOs out of millions.

Using BTC is like using Instagram, there's a ton of complexity behind the scenes but if you aren't a systems integrator it's essentially seamless.